diff options
| author | manuel <manuel@mausz.at> | 2018-12-04 10:38:27 +0100 |
|---|---|---|
| committer | manuel <manuel@mausz.at> | 2018-12-04 10:38:27 +0100 |
| commit | 52b1008b300a3bf48941ce482d5d0c8da163fe53 (patch) | |
| tree | 37faf1e0c359603b153d7c5cd2571ee12ea179af | |
| parent | ebb74077eee67e729300b3be193482192975fa19 (diff) | |
| download | qmail-52b1008b300a3bf48941ce482d5d0c8da163fe53.tar.gz qmail-52b1008b300a3bf48941ce482d5d0c8da163fe53.tar.bz2 qmail-52b1008b300a3bf48941ce482d5d0c8da163fe53.zip | |
Disable TLS 1.0
| -rw-r--r-- | qmail-smtpd.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/qmail-smtpd.c b/qmail-smtpd.c index d5be4af..2a1fd71 100644 --- a/qmail-smtpd.c +++ b/qmail-smtpd.c | |||
| @@ -1432,7 +1432,7 @@ void tls_init() | |||
| 1432 | /* a new SSL context with the bare minimum of options */ | 1432 | /* a new SSL context with the bare minimum of options */ |
| 1433 | ctx = SSL_CTX_new(SSLv23_server_method()); | 1433 | ctx = SSL_CTX_new(SSLv23_server_method()); |
| 1434 | if (!ctx) { tls_err("unable to initialize ctx"); return; } | 1434 | if (!ctx) { tls_err("unable to initialize ctx"); return; } |
| 1435 | SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv3 | | 1435 | SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv3 | SSL_OP_NO_TLSv1 | |
| 1436 | SSL_OP_CIPHER_SERVER_PREFERENCE | | 1436 | SSL_OP_CIPHER_SERVER_PREFERENCE | |
| 1437 | SSL_OP_PRIORITIZE_CHACHA); | 1437 | SSL_OP_PRIORITIZE_CHACHA); |
| 1438 | 1438 | ||